CVE-2018-17481
- EPSS 1.61%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:54:30
Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2018-18335
- EPSS 3.72%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:44
Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18336
- EPSS 1.53%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:44
Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
CVE-2018-18337
- EPSS 1.68%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:44
Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18338
- EPSS 1.42%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:44
Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-18339
- EPSS 1.42%
- Veröffentlicht 11.12.2018 16:29:00
- Zuletzt bearbeitet 21.11.2024 03:55:44
Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2018-6152
- EPSS 1.32%
- Veröffentlicht 04.12.2018 17:29:02
- Zuletzt bearbeitet 21.11.2024 04:10:10
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to pote...
CVE-2018-6086
- EPSS 3.35%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:02
A double-eviction in the Incognito mode cache that lead to a user-after-free in Networking Disk Cache in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code via a crafted HTML page.
CVE-2018-6087
- EPSS 3.45%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:02
A use-after-free in WebAssembly in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2018-6088
- EPSS 2.42%
- Veröffentlicht 04.12.2018 17:29:01
- Zuletzt bearbeitet 21.11.2024 04:10:02
An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file.